| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: openscap-docker | Distribution: openSUSE:Factory:zSystems |
| Version: 1.3.9 | Vendor: openSUSE |
| Release: 1.1 | Build date: Sun Sep 24 14:45:18 2023 |
| Group: System/Libraries | Build host: s390zl22 |
| Size: 22885 | Source RPM: openscap-1.3.9-1.1.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: https://www.open-scap.org/ | |
| Summary: Docker plugin for OpenSCAP | |
This package contains the Docker support for OpenSCAP.
LGPL-2.1-or-later
* Thu Sep 21 2023 Andreas Stieger <andreas.stieger@gmx.de>
- update to 1.3.9:
* use PCRE2 library
* Fix offline mode (OVAL/sysctl)
* Fix leak of dpkg cache when dpkginfo_init is called multiple times
* Fix un-expanded variable in xccdf report output
* Fix issues when parsing profiles
* Fix minor problems and resource leaks
* Wed Jun 21 2023 Robert Frohl <rfrohl@suse.com>
- openscap 1.3.8
* New features
- The boot-time remediation service for systemd's Offline Update mode is now disabled by default
- Add offline capabilities to the shadow OVAL probe
- Add offline capabilities to the sysctl OVAL probe
- Add 'auristorfs' to list of network fileystems
- Add new experimental linux-bound fwupdsecattr probe for system firmware security attributes (fwupd-based)
* Maintenance, bug fix
- Use ListUnitFiles D-Bus method to fetch all units in systemd OVAL probe
- Fix minor resource leaks
* Wed Mar 29 2023 Marcus Meissner <meissner@suse.com>
- remove _service confusion, we use final tarballs.
* Tue Mar 28 2023 kkaempf@suse.com
- Update to version 1.3.7:
* openscap-1.3.7
* Bump soname from 25.5.0 to 25.5.1
* Bump version to openscap-1.3.7
* Fix typos in docs
* Remove a check for suspicious files
* Add debian_evr_string tests to CMakeLists
* Add a few unittests for debian_evr_string
* Remove To be done
* Move release guide to upstream
- add 0005-rename-requires-reqs-for-C-20-compatibility.patch
- rename patches
openscap-opensuse-cpe.patch to 0001-Add-openSUSE-cpe-links.patch
openscap-suse-cpe.patch to 0002-Add-SUSE-cpe-links.patch
openscap-docker-add-suse.patch to 0003-Use-openSUSE-SUSE-cpe-links.patch
oscap-remediate.service.in.patch to 0004-oscap-remediate-is-located-in-bindir.patch
- drop 0001-Use-correct-includes.patch (upstream)
* Mon Jan 23 2023 Thorsten Kukuk <kukuk@suse.com>
- Require systemd for building, was pulled in before by indirect
dependencies which don't exist anymore
* Thu Jan 19 2023 Marcus Meissner <meissner@suse.com>
- 0001-Use-correct-includes.patch: fixed build with rpm 4.18
* Wed Sep 21 2022 Dirk Müller <dmueller@suse.com>
- require shared library in the same version or newer
* Thu Sep 15 2022 Marcus Meissner <meissner@suse.com>
- added Leap 15.4 and 15.5 dictionary entries. (bsc#1203408)
* Sat Feb 19 2022 Bjørn Lie <bjorn.lie@gmail.com>
- Conditionally drop optional gconf2-devel BuildRequires for
openSUSE Tumbleweed and newer: gconf2 is being droppped from
openSUSE Tumbleweed, build without gconf2 support.
* Thu Jan 20 2022 Robert Frohl <rfrohl@suse.com>
- openscap 1.3.6
* New features
- Select and exclude groups of rules on the command line
- The boot-time remediation service for systemd's Offline Update mode
- Memory limit control using OSCAP_PROBE_MEMORY_USAGE_RATIO environment variable
- Allow disablement of SHA-1 and MD5
- Allow providing pre-downloaded components
- Introduce OSBuild Blueprint fix type
* Maintenance, bug fix
- Fix coverity issues
- Patch the `segfault` in dpkginfo_fini()
- Add an alternative source of hostname
- Fail download on HTTP errors
- Compile "environmentvariable_probe" on Windows
- FreeBSD build and test fixes
- Add offline mode for password probe
- Initialize crypto API only once
- Fix UBI 9 scan
- oval/yamlfilecontent: Add 'null' values handling
- Do not set Rpath
- Do not split `XCCDF:requires` with multiple `idrefs`
- Allow empty /proc in offline mode
- oscap-remediate is shipped via /usr/bin
Added oscap-remediate.service.in.patch
- spec-cleaner run
* Tue Dec 07 2021 Marcus Meissner <meissner@suse.com>
- openscap-docker-add-suse.patch: add SLES support oscap-docker
(bsc#1179314)
* Mon Oct 04 2021 Marcus Meissner <meissner@suse.com>
- ship python3 docker module always
* Thu Aug 19 2021 Steve Kowalik <steven.kowalik@suse.com>
- Since upstream has moved to Python 3, switch the BuildRequires from
python-devel to python3-devel.
* Wed Jul 14 2021 Robert Frohl <rfrohl@suse.com>
- Add definition for tumbleweed to openscap-opensuse-cpe.patch (boo#1186735)
* Wed Jun 02 2021 Robert Frohl <rfrohl@suse.com>
- add old patches - slightly renamed; cpe are needed (boo#1186735)
* openscap-opensuse-cpe.patch
* openscap-suse-cpe.patch
* Fri Apr 23 2021 Robert Frohl <rfrohl@suse.com>
- openscap 1.3.5
* New features
- Made schematron-based validation enabled by default for validate command of oval and xccdf modules
- Added SCAP 1.3 source data stream Schematron
- Added XML Signature Validation
- Added --enforce-signature option for eval, guide, and fix modules
- Added <content> entity support (OVAL/yamlfilecontent)
- Allowed to clamp mtime to SOURCE_DATE_EPOCH
- Added severity and role attributes
- Added support for requires/conflicts elements of the Rule and Group (XCCDF)
- Added Kubernetes remediation to HTML report
* Maintenance, bug fix
- Fixed CMake warnings
- Made 'gpfs', 'proc' and 'sysfs' filesystems non-local
- Fixed handling of '--arg=val'-styled common options
- Documented used environment variables
- Updated man page and help texts
- Added --skip-validation option synonym for --skip-valid
- Fixed behavior of StateType operator
- Fixed some of the coverity warnings
- Ignoring namespace in XPath expressions
- Fixed how oval_probe_ext_eval checks absence of the response from the probe (obtrusive data warning)
- Described SWID tags detection
- Improved documentation about --stig-viewer option
- File probe behaviour fixed (symlink traversal now behaves as defined by OVAL)
- Fixed multiple segfaults and broken test in --stig-viewer feature
- Added dpkg version comparison algorithm
- Pluged some memory leaks
- Fixed TestResult/benchmark/@href attribute
- Fixed memory allocation
- Fixed field names for cases where key selection section is followed by a set section (probes/yamfilecontent)
- Changing hard coded libperl path in favor of FindPerlLibs method
- Check local filesystems when using 'filepath' element
- dropped, because not needed anymore:
* 0001-Fix-memory-allocation.patch
* openscap-new-suse.patch
* openscap-leap-cpe-15.12.patch
* Sat Nov 14 2020 Marcus Meissner <meissner@suse.com>
- 0001-Fix-memory-allocation.patch: fixed a crash during oscap oval eval
* Mon Nov 09 2020 Marcus Meissner <meissner@suse.com>
- openscap-leap-cpe-15.12.patch: add CPE dict entries for openSUSE
Leap 15.1 and 15.2
* Sat Oct 31 2020 Marcus Meissner <meissner@suse.com>
- add dbus-1-devel buildrequires to enable systemd tests (bsc#1178301)
* Fri Oct 02 2020 Robert Frohl <rfrohl@suse.com>
- openscap 1.3.4
* New features
- Add support for FreeBSD
- Make use of HTTP header content-encoding: gzip if available
- Improved yamlfilecontent: updated yaml-filter, extend the schema and probe to be able to work with a set of values in maps
* Maintenance, bug fixes
- A lot of memory leaks have been plugged
- Refactored rpmverifyfile probe and fixed memory leak
- Fixed SEGFAULT caused by recursive and circular dependencies between OVAL definitions
- Fixed DOM representation of the profile platform
- Test suit: better portability, more granularity in results, inclusion of memory-related tests
- Compatibility with uClibc
- Local and remote file system detection method was improved
- Make the report a valid HTML5 document
* Mon May 04 2020 Marcus Meissner <meissner@suse.com>
- openscap 1.3.3. Notable improvements in this release:
- a Python script that can be used for CLI tailoring (autotailor) (thank you, Matěj Týč);
- timezone for XCCDF TestResult start and end time (thank you, Jan Černý);
- new yamlfilecontent independent probe (draft implementation),
see the proposal https://github.com/OVAL-Community/OVAL/issues/91
for additional information.
There are other changes as well, here is the list:
- Introduced `urn:xccdf:fix:script:kubernetes` fix type in XCCDF;
- Added ability to generate `machineconfig` fix;
- Detect ambiguous scan target (utils/oscap-podman);
- Fixed #170: The rpmverifyfile probe can't verify files from '/bin' directory;
- The data system_info probe return for offline and online modes is consistent and actual;
- Prevent crashes when complicated regexes are executed in textfilecontent58 probe;
- Fixed #1512: Severity refinement lost in generated guide;
- Fixed #1453: Pointer lost in Swig API;
- Evaluation Characteristics of the XCCDF report are now consistent with OVAL entities;
from system_info probe;
- Fixed filepath pattern matching in offline mode in textfilecontent58 probe;
- Fixed infinite recursion in systemdunitdependency probe;
- Fixed the case when CMake couldn't find libacl or xattr.h.
- dropped 0001-Do-not-use-C-keyword-operator-as-a-function-paramete.patch: upstream
* Wed Mar 25 2020 Christophe Giboudeaux <christophe@krop.fr>
- Add upstream patch to fix the scap-workbench build:
* 0001-Do-not-use-C-keyword-operator-as-a-function-paramete.patch
* Tue Jan 14 2020 Marcus Meissner <meissner@suse.com>
- switch back to official release
- openscap 1.3.2
- the test suite and build scripts were improved to support Debian 10
- offline mode has received some love with a set of dedicated tests and various fixes in OVAL probes;
- the oscap-docker wrapper is no longer dependent on Atomic
- Python binding are now more robust
- HTML reports and guides, generated by the scanner, are now more accessible for non-visual rendering agents
- Support of multi-check rules has been improved across the whole workflow
There are other changes as well, here is the list:
* New features
- Offline mode support for environmentvariable58 probe
- The oscap-docker wrapper is available without Atomic
+ Maintenance, bug fixes
- Improved support of multi-check rules (report, remediations, console output)
- Improved HTML report look and feel, including printed version
- Less clutter in verbose mode output; some warnings and errors demoted to verbose mode levels
- Probe rpmverifyfile uses and returns canonical paths
- Improved a11y of HTML reports and guides
- Fixes and improvements for SWIG Python bindings
- #1403 fixed: Scanner would not apply remediation for multicheck rules (verbosity)
- Fixed URL link mechanism for Red Hat Errata
- New STIG Viewer URI: public.cyber.mil
- Probe selinuxsecuritycontext would not check if SELinux is enabled
- Scanner would provide information about unsupported OVAL objects
- Added more tests for offline mode (probes, remediation)
- #528 fixed: Eval SCE script when /tmp is in mode noexec
- #1173, RHBZ#1603347 fixed: Double chdir/chroot in probe rpmverifypackage
* Sat Jan 11 2020 Marcus Meissner <meissner@suse.com>
- temporary openscap 1.3.1 git snapshot
- make it build with new RPM (bsc#1160720)
* Sat Jan 11 2020 Marcus Meissner <meissner@suse.com>
- use distribution-release instead of dummy-release
/usr/bin/oscap-docker /usr/lib/python3.11/site-packages/oscap_docker_python /usr/lib/python3.11/site-packages/oscap_docker_python/__init__.py /usr/lib/python3.11/site-packages/oscap_docker_python/get_cve_input.py /usr/lib/python3.11/site-packages/oscap_docker_python/oscap_docker_common.py /usr/lib/python3.11/site-packages/oscap_docker_python/oscap_docker_util.py
Generated by rpm2html 1.8.1
Fabrice Bellet, Sat Mar 9 12:50:11 2024